Two members of the House Intelligence Committee Wednesday reintroduced their Cyber Intelligence Sharing and Protection Act (CISPA), a controversial piece of cybersecurity legislation focused on information sharing. But does the bill stand any chance of succeeding, and in the wake of recent cybersecurity moves by the White House, is it even necessary?
CISPA last year passed the House, despite facing strong opposition from civil liberties groups and the Obama administration. But the bill ultimately died in the Senate, which was pursuing its own cybersecurity legislation.
Could CISPA 2.0 succeed? Here are six related facts:
1. Original Bill: All Carrot, No Stick.
The original CISPA, written by Mike Rogers (R-Mich.), the House Intelligence Committee Chairman, together with ranking member C. A. Dutch Ruppersberger (D-Md.), and introduced in November 2011, was designed to facilitate two-way information sharing between intelligence agencies and private businesses. Notably, the bill would have legally protected from prosecution any business that shared information about its customers or employees — including activity on Facebook and email — with intelligence agencies. Likewise, intelligence agencies were allowed to collect data from businesses as needed “to protect the national security of the United States.”
Nebulous language and fears of unchecked surveillance helped ensure the bill’s demise. The White House threatened to veto the bill, largely over related privacy concerns. In addition, the bill would have provided classified data to the private businesses that run the vast majority of the so-called critical infrastructure, but not required the businesses actually do anything with the information.